Lucene search
K

59 matches found

EUVD
EUVD
added 3 days ago7 views

EUVD-2026-41441

Libreswan, via the function RSAauthenticatehashsignaturerawrsa, did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS 1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to for...

8.1CVSS6.3AI score0.00367EPSS
Exploits0References5
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-41439

An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemblev2incomingfragments would ignore unknown outer payloads but still store these in a fixed size array msgdigest.digestPAYLIMIT...

7.5CVSS6.4AI score0.00597EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 4 days ago5 views

CVE-2026-50721

Libreswan, via the function RSAauthenticatehashsignaturerawrsa, did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS 1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to for...

8.1CVSS6.3AI score0.00367EPSS
Exploits0References5
CVE
CVE
added 4 days ago14 views

CVE-2026-50721

CVE-2026-50721 concerns Libreswan where the function RSA_authenticate_hash_signature_raw_rsa() does not properly verify the authentication hash length when the SIG payload of an IKEv1 packet is encoded using PKCS#1 RSA Encryption per RFC 2313. This enables a remote attacker to leverage a Bleichen...

8.1CVSS6.3AI score0.00367EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 4 days ago7 views

PT-2026-55315

Name of the Vulnerable Software and Affected Versions Libreswan affected versions not specified Description Libreswan fails to correctly verify the authentication hash length when the SIG payload of an IKEv1 packet is encoded using PKCS 1 RSA Encryption. This occurs within the RSA authenticate ha...

8.1CVSS6.5AI score0.00367EPSS
Exploits0References8
GithubExploit
GithubExploit
added 2026/06/10 2:16 p.m.63 views

Exploit for Improper Authentication in Checkpoint Gaia_Os

markdown CVE-2026-50751 - Check Point IKEv1 Authentication Byp...

9.3CVSS5.9AI score0.70099EPSS
Exploits5
Rapid7 Blog
Rapid7 Blog
added 2026/06/08 5:5 p.m.12 views

Critical Check Point VPN Zero-Day Exploited in the Wild (CVE-2026-50751)

Overview On June 8, 2026, Check Point published a security advisory for CVE-2026-50751, a critical authentication bypass vulnerability affecting Check Point Remote Access VPN, Mobile Access, and Spark Firewall products. The vulnerability affects deployments configured to use the deprecated IKEv1...

9.3CVSS6.2AI score0.70099EPSS
Exploits5
The Hacker News
The Hacker News
added 2026/06/08 2:17 p.m.23 views

Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups

Check Point has warned of active exploitation of a critical vulnerability impacting Remote Access VPN and Mobile Access deployments that are configured to use the deprecated IKEv1 key exchange protocol. The vulnerability, tracked as CVE-2026-50751 CVSS score: 9.3, is a case of a logic flow weakne...

9.3CVSS5.8AI score0.70099EPSS
Exploits5
NVD
NVD
added 2026/06/08 12:16 p.m.17 views

CVE-2026-50752

A weakness in the certificate validation logic of the deprecated IKEv1 key exchange may allow an unauthenticated attacker positioned as a man-in-the-middle to bypass certificate validation in VPN site-to-site connections that use certificate-based authentication. Successful exploitation could all...

7.4CVSS0.04859EPSS
Exploits0References1
OSV
OSV
added 2026/04/14 8:35 a.m.5 views

CLSA-2025-1757947429 libreswan: Fix of CVE-2023-38711

CVE-2023-38711: fix a NULL pointer dereference in IKEv1 Quick Mode with IDIPV4ADDR/IDIPV6ADDR that causes a crash and restart of the pluto daemon when it receives an IDcr payload with IDFQDN...

6.5CVSS6.6AI score0.00691EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : libreswan-4.12-2.el8_10.4 (AXSA:2024-8551:06)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-8551:06 advisory. libreswan: IKEv1 default AH/ESP responder can crash and restart CVE-2024-3652 Tenable has extracted the preceding description block directly from the...

6.5CVSS5.6AI score0.008EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.4 views

MiracleLinux 8 : libreswan-3.29-7.el8 (AXSA:2020-374:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-374:02 advisory. libreswan: DoS attack via malicious IKEv1 informational exchange message CVE-2020-1763 Tenable has extracted the preceding description block directly from the...

7.5CVSS5.6AI score0.03288EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/17 8:47 p.m.8 views

CVE-2025-36118 IBM Storage Virtualize Information Disclosure

IBM Storage Virtualize 8.4, 8.5, 8.7, and 9.1 IKEv1 implementation allows remote attackers to obtain sensitive information from device memory via a Security Association SA negotiation request...

7.5CVSS0.00315EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-0725

Malware in sbrugna...

5CVSS6.4AI score0.02008EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/07/21 12:0 a.m.6 views

TRENDnet TEW-WLC100P 安全漏洞

The TRENDnet TEW-WLC100P is a wireless LAN controller from Trendnet, Inc. A security vulnerability exists in the TRENDnet TEW-WLC100P version 2.03b03 that stems from enabling IKEv1 aggressive mode, which could lead to an offline attack...

7.3CVSS6.6AI score0.00288EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2025/01/02 9:44 p.m.6 views

libreswan: IKEv1 default AH/ESP responder can crash and restart

A flaw was found in Libreswan, where it was identified to contain an assertion failure issue in the computeprotokeymat function. The vulnerability can be exploited when an IKEv1 connection is loaded with an AH/ESP default setting when no esp= line is present in the connection. This flaw allows an...

6.5CVSS6.3AI score0.008EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/01/02 8:2 p.m.4 views

libreswan: Invalid IKEv1 repeat IKE SA delete causes crash and restart

A NULL pointer dereference vulnerability was found in the Libreswan package. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the...

6.5CVSS5.8AI score0.00691EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/01/02 8:2 p.m.5 views

libreswan: Regression of CVE-2023-30570 fixes in the Red Hat Enterprise Linux

A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the...

7.5CVSS6.4AI score0.01581EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/01/02 8:2 p.m.3 views

libreswan: IKEv1 default AH/ESP responder can crash and restart

A flaw was found in Libreswan, where it was identified to contain an assertion failure issue in the computeprotokeymat function. The vulnerability can be exploited when an IKEv1 connection is loaded with an AH/ESP default setting when no esp= line is present in the connection. This flaw allows an...

6.5CVSS6.3AI score0.008EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/01/02 6:44 p.m.4 views

libreswan: IKEv1 default AH/ESP responder can crash and restart

A flaw was found in Libreswan, where it was identified to contain an assertion failure issue in the computeprotokeymat function. The vulnerability can be exploited when an IKEv1 connection is loaded with an AH/ESP default setting when no esp= line is present in the connection. This flaw allows an...

6.5CVSS6.3AI score0.008EPSS
Exploits0References5
Rows per page
Query Builder